Split out paste deployment config from the core glance

*.conf files into corresponding *-paste.ini files.

Fixes LP #815208

Change-Id: I5acb8488cc25bb3c7dd735c8c2b0fe62fcea8e5e

doc/source/authentication.rst

@@ -116,7 +116,8 @@ Configuring Glance API to use Keystone
 
 Configuring Glance API to use Keystone is relatively straight
 forward.  The first step is to ensure that declarations for the two
-pieces of middleware exist.  Here is an example for ``authtoken``::
+pieces of middleware exist in the ``glance-api-paste.ini``.  Here is
+an example for ``authtoken``::
 
   [filter:authtoken]
   paste.filter_factory = keystone.middleware.auth_token:filter_factory
@@ -170,10 +171,11 @@ Configuring Glance Registry to use Keystone
 -------------------------------------------
 
 Configuring Glance Registry to use Keystone is also relatively
-straight forward.  The same pieces of middleware need to be added as
-are needed by Glance API; see above for an example of the
-``authtoken`` configuration.  There is a slight difference for the
-``auth-context`` middleware, which should look like this::
+straight forward.  The same pieces of middleware need to be added
+to ``glance-registry-paste.ini`` as are needed by Glance API;
+see above for an example of the ``authtoken`` configuration.
+There is a slight difference for the ``auth-context`` middleware,
+which should look like this::
 
   [filter:auth-context]
   context_class = glance.registry.context.RequestContext

doc/source/configuring.rst

@@ -45,6 +45,11 @@ In addition to this documentation page, you can check the
 files distributed with Glance for example configuration files for each server
 application with detailed comments on what each options does.
 
+The PasteDeploy configuration (controlling the deployment of the WSGI
+application for each component) may be found in <component>-paste.ini
+alongside the main configuration file, <component>.conf. For example,
+``glance-api-paste.ini`` corresponds to ``glance-api.conf``.
+
 Common Configuration Options in Glance
 --------------------------------------
 
@@ -489,22 +494,25 @@ Glance API servers can be configured to have a local image cache. Caching of
 image files is transparent and happens using a piece of middleware that can
 optionally be placed in the server application pipeline.
 
+This pipeline is configured in the PasteDeploy configuration file,
+<component>-paste.ini.
+
 Enabling the Image Cache Middleware
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 To enable the image cache middleware, you would insert the cache middleware
 into your application pipeline **after** the appropriate context middleware.
 
-The cache middleware should be in your ``glance-api.conf`` in a section titled
-``[filter:cache]``. It should look like this::
+The cache middleware should be in your ``glance-api-paste.ini`` in a section
+titled ``[filter:cache]``. It should look like this::
 
   [filter:cache]
   paste.filter_factory = glance.common.wsgi:filter_factory
   glance.filter_factory = glance.api.middleware.cache:CacheFilter
 
 
-For example, suppose your application pipeline in the ``glance-api.conf`` file
-looked like so::
+For example, suppose your application pipeline in the ``glance-api-paste.ini``
+file looked like so::
 
   [pipeline:glance-api]
   pipeline = versionnegotiation context apiv1app

etc/glance-api-paste.ini

@@ -0,0 +1,49 @@
+[pipeline:glance-api]
+pipeline = versionnegotiation context apiv1app
+# NOTE: use the following pipeline for keystone
+# pipeline = versionnegotiation authtoken auth-context apiv1app
+
+# To enable transparent caching of image files replace pipeline with below:
+# pipeline = versionnegotiation context cache apiv1app
+# NOTE: use the following pipeline for keystone auth (with caching)
+# pipeline = versionnegotiation authtoken auth-context cache apiv1app
+
+# To enable Image Cache Management API replace pipeline with below:
+# pipeline = versionnegotiation context cachemanage apiv1app
+# NOTE: use the following pipeline for keystone auth (with caching)
+# pipeline = versionnegotiation authtoken auth-context cachemanage apiv1app
+
+[app:apiv1app]
+paste.app_factory = glance.common.wsgi:app_factory
+glance.app_factory = glance.api.v1.router:API
+
+[filter:versionnegotiation]
+paste.filter_factory = glance.common.wsgi:filter_factory
+glance.filter_factory = glance.api.middleware.version_negotiation:VersionNegotiationFilter
+
+[filter:cache]
+paste.filter_factory = glance.common.wsgi:filter_factory
+glance.filter_factory = glance.api.middleware.cache:CacheFilter
+
+[filter:cachemanage]
+paste.filter_factory = glance.common.wsgi:filter_factory
+glance.filter_factory = glance.api.middleware.cache_manage:CacheManageFilter
+
+[filter:context]
+paste.filter_factory = glance.common.wsgi:filter_factory
+glance.filter_factory = glance.common.context:ContextMiddleware
+
+[filter:authtoken]
+paste.filter_factory = keystone.middleware.auth_token:filter_factory
+service_protocol = http
+service_host = 127.0.0.1
+service_port = 5000
+auth_host = 127.0.0.1
+auth_port = 35357
+auth_protocol = http
+auth_uri = http://127.0.0.1:5000/
+admin_token = 999888777666
+
+[filter:auth-context]
+paste.filter_factory = glance.common.wsgi:filter_factory
+glance.filter_factory = keystone.middleware.glance_auth_token:KeystoneContextMiddleware

etc/glance-api.conf

@@ -206,53 +206,3 @@ scrubber_datadir = /var/lib/glance/scrubber
 
 # Base directory that the Image Cache uses
 image_cache_dir = /var/lib/glance/image-cache/
-
-[pipeline:glance-api]
-pipeline = versionnegotiation context apiv1app
-# NOTE: use the following pipeline for keystone
-# pipeline = versionnegotiation authtoken auth-context apiv1app
-
-# To enable transparent caching of image files replace pipeline with below:
-# pipeline = versionnegotiation context cache apiv1app
-# NOTE: use the following pipeline for keystone auth (with caching)
-# pipeline = versionnegotiation authtoken auth-context cache apiv1app
-
-# To enable Image Cache Management API replace pipeline with below:
-# pipeline = versionnegotiation context cachemanage apiv1app
-# NOTE: use the following pipeline for keystone auth (with caching)
-# pipeline = versionnegotiation authtoken auth-context cachemanage apiv1app
-
-[app:apiv1app]
-paste.app_factory = glance.common.wsgi:app_factory
-glance.app_factory = glance.api.v1.router:API
-
-[filter:versionnegotiation]
-paste.filter_factory = glance.common.wsgi:filter_factory
-glance.filter_factory = glance.api.middleware.version_negotiation:VersionNegotiationFilter
-
-[filter:cache]
-paste.filter_factory = glance.common.wsgi:filter_factory
-glance.filter_factory = glance.api.middleware.cache:CacheFilter
-
-[filter:cachemanage]
-paste.filter_factory = glance.common.wsgi:filter_factory
-glance.filter_factory = glance.api.middleware.cache_manage:CacheManageFilter
-
-[filter:context]
-paste.filter_factory = glance.common.wsgi:filter_factory
-glance.filter_factory = glance.common.context:ContextMiddleware
-
-[filter:authtoken]
-paste.filter_factory = keystone.middleware.auth_token:filter_factory
-service_protocol = http
-service_host = 127.0.0.1
-service_port = 5000
-auth_host = 127.0.0.1
-auth_port = 35357
-auth_protocol = http
-auth_uri = http://127.0.0.1:5000/
-admin_token = 999888777666
-
-[filter:auth-context]
-paste.filter_factory = glance.common.wsgi:filter_factory
-glance.filter_factory = keystone.middleware.glance_auth_token:KeystoneContextMiddleware

etc/glance-cache-paste.ini

@@ -0,0 +1,15 @@
+[app:glance-pruner]
+paste.app_factory = glance.common.wsgi:app_factory
+glance.app_factory = glance.image_cache.pruner:Pruner
+
+[app:glance-prefetcher]
+paste.app_factory = glance.common.wsgi:app_factory
+glance.app_factory = glance.image_cache.prefetcher:Prefetcher
+
+[app:glance-cleaner]
+paste.app_factory = glance.common.wsgi:app_factory
+glance.app_factory = glance.image_cache.cleaner:Cleaner
+
+[app:glance-queue-image]
+paste.app_factory = glance.common.wsgi:app_factory
+glance.app_factory = glance.image_cache.queue_image:Queuer

etc/glance-cache.conf

@@ -38,19 +38,3 @@ registry_port = 9191
 
 # Admin token to use if using Keystone
 # admin_token = 123
-
-[app:glance-pruner]
-paste.app_factory = glance.common.wsgi:app_factory
-glance.app_factory = glance.image_cache.pruner:Pruner
-
-[app:glance-prefetcher]
-paste.app_factory = glance.common.wsgi:app_factory
-glance.app_factory = glance.image_cache.prefetcher:Prefetcher
-
-[app:glance-cleaner]
-paste.app_factory = glance.common.wsgi:app_factory
-glance.app_factory = glance.image_cache.cleaner:Cleaner
-
-[app:glance-queue-image]
-paste.app_factory = glance.common.wsgi:app_factory
-glance.app_factory = glance.image_cache.queue_image:Queuer

etc/glance-registry-paste.ini

@@ -0,0 +1,29 @@
+[pipeline:glance-registry]
+pipeline = context registryapp
+# NOTE: use the following pipeline for keystone
+# pipeline = authtoken auth-context registryapp
+
+[app:registryapp]
+paste.app_factory = glance.common.wsgi:app_factory
+glance.app_factory = glance.registry.api.v1:API
+
+[filter:context]
+context_class = glance.registry.context.RequestContext
+paste.filter_factory = glance.common.wsgi:filter_factory
+glance.filter_factory = glance.common.context:ContextMiddleware
+
+[filter:authtoken]
+paste.filter_factory = keystone.middleware.auth_token:filter_factory
+service_protocol = http
+service_host = 127.0.0.1
+service_port = 5000
+auth_host = 127.0.0.1
+auth_port = 35357
+auth_protocol = http
+auth_uri = http://127.0.0.1:5000/
+admin_token = 999888777666
+
+[filter:auth-context]
+context_class = glance.registry.context.RequestContext
+paste.filter_factory = glance.common.wsgi:filter_factory
+glance.filter_factory = keystone.middleware.glance_auth_token:KeystoneContextMiddleware

etc/glance-registry.conf

@@ -56,33 +56,3 @@ use_syslog = False
 
 # Private key file to use when starting registry server securely
 # key_file = /path/to/keyfile
-
-[pipeline:glance-registry]
-pipeline = context registryapp
-# NOTE: use the following pipeline for keystone
-# pipeline = authtoken auth-context registryapp
-
-[app:registryapp]
-paste.app_factory = glance.common.wsgi:app_factory
-glance.app_factory = glance.registry.api.v1:API
-
-[filter:context]
-context_class = glance.registry.context.RequestContext
-paste.filter_factory = glance.common.wsgi:filter_factory
-glance.filter_factory = glance.common.context:ContextMiddleware
-
-[filter:authtoken]
-paste.filter_factory = keystone.middleware.auth_token:filter_factory
-service_protocol = http
-service_host = 127.0.0.1
-service_port = 5000
-auth_host = 127.0.0.1
-auth_port = 35357
-auth_protocol = http
-auth_uri = http://127.0.0.1:5000/
-admin_token = 999888777666
-
-[filter:auth-context]
-context_class = glance.registry.context.RequestContext
-paste.filter_factory = glance.common.wsgi:filter_factory
-glance.filter_factory = keystone.middleware.glance_auth_token:KeystoneContextMiddleware

etc/glance-scrubber-paste.ini

@@ -0,0 +1,3 @@
+[app:glance-scrubber]
+paste.app_factory = glance.common.wsgi:app_factory
+glance.app_factory = glance.store.scrubber:Scrubber

etc/glance-scrubber.conf

@@ -33,7 +33,3 @@ registry_host = 0.0.0.0
 
 # Port the registry server is listening on
 registry_port = 9191
-
-[app:glance-scrubber]
-paste.app_factory = glance.common.wsgi:app_factory
-glance.app_factory = glance.store.scrubber:Scrubber

glance/common/config.py

@@ -112,8 +112,10 @@ def load_paste_app(conf, app_name=None):
     if app_name is None:
         app_name = conf.prog
 
-    # Assume paste config is in the last config file
-    conf_file = os.path.abspath(conf.config_file[-1])
+    # Assume paste config is in a paste.ini file corresponding
+    # to the last config file
+    conf_file = os.path.abspath(conf.config_file[-1].replace(".conf",
+                                                             "-paste.ini"))
 
     try:
         # Setup logging early

glance/tests/functional/__init__.py

@@ -81,6 +81,7 @@ class Server(object):
         self.bind_port = port
         self.conf_file_name = None
         self.conf_base = None
+        self.paste_conf_base = None
         self.server_control = './bin/glance-control'
         self.exec_env = None
 
@@ -99,16 +100,28 @@ class Server(object):
         if kwargs:
             conf_override.update(**kwargs)
 
-        # A config file to use just for this test...we don't want
+        # A config file and paste.ini to use just for this test...we don't want
         # to trample on currently-running Glance servers, now do we?
 
         conf_dir = os.path.join(self.test_dir, 'etc')
         conf_filepath = os.path.join(conf_dir, "%s.conf" % self.server_name)
+        paste_conf_filepath = conf_filepath.replace(".conf", "-paste.ini")
         utils.safe_mkdirs(conf_dir)
-        with open(conf_filepath, 'wb') as conf_file:
-            conf_file.write(self.conf_base % conf_override)
-            conf_file.flush()
-            self.conf_file_name = conf_file.name
+
+        def override_conf(filepath, base, override):
+            with open(filepath, 'wb') as conf_file:
+                conf_file.write(base % override)
+                conf_file.flush()
+                return conf_file.name
+
+        self.conf_file_name = override_conf(conf_filepath,
+                                            self.conf_base,
+                                            conf_override)
+
+        if self.paste_conf_base:
+            override_conf(paste_conf_filepath,
+                          self.paste_conf_base,
+                          conf_override)
 
         return self.conf_file_name
 
@@ -212,8 +225,8 @@ scrub_time = 5
 scrubber_datadir = %(scrubber_datadir)s
 image_cache_dir = %(image_cache_dir)s
 image_cache_driver = %(image_cache_driver)s
-
-[pipeline:glance-api]
+"""
+        self.paste_conf_base = """[pipeline:glance-api]
 pipeline = versionnegotiation context %(cache_pipeline)s apiv1app
 
 [app:apiv1app]
@@ -268,8 +281,8 @@ sql_idle_timeout = 3600
 api_limit_max = 1000
 limit_param_default = 25
 owner_is_tenant = %(owner_is_tenant)s
-
-[pipeline:glance-registry]
+"""
+        self.paste_conf_base = """[pipeline:glance-registry]
 pipeline = context registryapp
 
 [app:registryapp]
@@ -308,8 +321,8 @@ wakeup_time = 2
 scrubber_datadir = %(scrubber_datadir)s
 registry_host = 0.0.0.0
 registry_port = %(registry_port)s
-
-[app:glance-scrubber]
+"""
+        self.paste_conf_base = """[app:glance-scrubber]
 paste.app_factory = glance.common.wsgi:app_factory
 glance.app_factory = glance.store.scrubber:Scrubber
 """

glance/tests/functional/keystone_utils.py

@@ -132,21 +132,21 @@ class AdminServer(KeystoneServer):
 
 def conf_patch(server, **subs):
     # First, pull the configuration file
-    conf_base = server.conf_base.split('\n')
+    paste_base = server.paste_conf_base.split('\n')
 
     # Need to find the pipeline
-    for idx, text in enumerate(conf_base):
+    for idx, text in enumerate(paste_base):
         if text.startswith('[pipeline:glance-'):
             # OK, the line to modify is the next one...
             modidx = idx + 1
             break
 
     # Now we need to replace the default context field...
-    conf_base[modidx] = conf_base[modidx].replace('context',
-                                                  'tokenauth keystone_shim')
+    paste_base[modidx] = paste_base[modidx].replace('context',
+                                                    'tokenauth keystone_shim')
 
     # Put the conf back together and append the keystone pieces
-    server.conf_base = '\n'.join(conf_base) + """
+    server.paste_conf_base = '\n'.join(paste_base) + """
 [filter:tokenauth]
 paste.filter_factory = keystone.middleware.auth_token:filter_factory
 service_protocol = http
@@ -216,7 +216,7 @@ class KeystoneTests(functional.FunctionalTest):
                    admin_port=self.admin_port)
         conf_patch(self.registry_server, auth_port=self.auth_port,
                    admin_port=self.admin_port)
-        self.registry_server.conf_base += (
+        self.registry_server.paste_conf_base += (
             'context_class = glance.registry.context.RequestContext\n')
 
     def tearDown(self):

glance/tests/functional/test_bin_glance_cache_manage.py

@@ -207,8 +207,11 @@ registry_host = 0.0.0.0
 registry_port = %(registry_port)s
 metadata_encryption_key = %(metadata_encryption_key)s
 log_file = %(log_file)s
+""" % cache_file_options)
 
-[app:glance-pruner]
+        with open(cache_config_filepath.replace(".conf", "-paste.ini"),
+                  'w') as paste_file:
+            paste_file.write("""[app:glance-pruner]
 paste.app_factory = glance.common.wsgi:app_factory
 glance.app_factory = glance.image_cache.pruner:Pruner
 
@@ -223,8 +226,7 @@ glance.app_factory = glance.image_cache.cleaner:Cleaner
 [app:glance-queue-image]
 paste.app_factory = glance.common.wsgi:app_factory
 glance.app_factory = glance.image_cache.queue_image:Queuer
-""" % cache_file_options)
-            cache_file.flush()
+""")
 
         cmd = "bin/glance-cache-prefetcher --config-file %s" % \
             cache_config_filepath

glance/tests/functional/test_cache_middleware.py

@@ -346,8 +346,11 @@ registry_host = 0.0.0.0
 registry_port = %(registry_port)s
 metadata_encryption_key = %(metadata_encryption_key)s
 log_file = %(log_file)s
+""" % cache_file_options)
 
-[app:glance-pruner]
+        with open(cache_config_filepath.replace(".conf", "-paste.ini"),
+                  'w') as paste_file:
+            paste_file.write("""[app:glance-pruner]
 paste.app_factory = glance.common.wsgi:app_factory
 glance.app_factory = glance.image_cache.pruner:Pruner
 
@@ -362,8 +365,7 @@ glance.app_factory = glance.image_cache.cleaner:Cleaner
 [app:glance-queue-image]
 paste.app_factory = glance.common.wsgi:app_factory
 glance.app_factory = glance.image_cache.queue_image:Queuer
-""" % cache_file_options)
-            cache_file.flush()
+""")
 
         self.verify_no_images()